Dateline
Ukraine at D+378: Russian missile strikes resume. (CyberWire) Bakhmut remains an objective, but Russia has resumed long-range strikes against other Ukrainian cities. The US sees more problems for Russia this year.
Russia-Ukraine war: List of key events, day 379 (Al Jazeera) As the Russia-Ukraine war enters its 379th day, we take a look at the main developments.
Russian missile barrage slams into cities across Ukraine (AP NEWS) Russia unleashed “a massive rocket attack” that hit critical infrastructure and residential buildings in 10 regions of Ukraine, the country’s president said Thursday, with officials reporting at least six deaths in the largest such nighttime attack in three weeks.
Ukraine war: Russian air strikes cut power at Zaporizhzhia nuclear plant (BBC News) The electrical power supply at Europe's largest nuclear power plant is lost after Russia launches missiles.
Ukraine: Explosions reported in Kharkiv and Odesa early March 9, causing power outages (Crisis24) Explosions and power outages reported in Kharkiv and Odesa, Ukraine, early March 9. Further strikes likely.
Cost of Bakhmut ‘meat grinder’ battle on Russian army revealed (The Telegraph) Nato official says Russia’s losses in the assault on the town far outweigh Ukraine’s
NATO estimates Russia lost 5 times more soldiers in Bakhmut than Ukraine (CNN) President Volodymyr Zelensky said he has ordered the reinforcements of positions in the besieged eastern city of Bakhmut, vowing Ukraine would defend every inch of territory.
Russia unlikely to make major Ukraine gains this year – US intelligence chief (the Guardian) Avril Haines tells Senate hearing of ‘grinding, attritional war’ but sounds cautious note over Ukraine’s prospects in expected counter-offensive
Russian Cyberwar in Ukraine Stumbles Just Like Conventional One (Bloomberg) The Russian cyber threat, like President Vladimir Putin’s army, was expected to overwhelm Ukraine’s capacities quickly.
Australian official demands Russia bring criminal hackers ‘to heel’ (The Record by Recorded Future) Secretary of Home Affairs Michael Pezzullo says Russia hosts “the greatest density of cybercriminals, particularly those with ransomware,” in the world.
Russia will have to rely on nukes, cyberattacks, and China since its military is being thrashed in Ukraine, US intel director says (Business Insider) Russia will need to rebuild its military due to high losses, botched strategies, and wasted resources. That leaves it reliant on "asymmetric options."
US Army is moving to get tanks to Ukraine ‘as quickly as possible’ (Defense News) “We don’t want to give the Russians certainty about when something’s going to arrive, but efforts are underway to do it as quickly as possible,” Bush said.
In race to arm Ukraine, U.S. faces cracks in its manufacturing might (Washington Post) The war has exposed an inability to rapidly surge production of many weapons needed for Ukraine and for America’s self-defense
Russia Reportedly Supplying Enriched Plutonium to China (U.S. Department of Defense) China and Russia have placed nuclear weapons, space warfare and long-range strike at the center of their strategies to counter the United States and its allies and partners, John F. Plumb, assistant
Surviving Putin (Puck) A gripping conversation with Christo Grozev, lead Russia investigator for Bellingcat, about his role in the Oscar-nominated documentary ‘Navalny,’ sleeper agents in Europe, and why he can’t go home again.
Pentagon accused of blocking effort to hand Russia war crimes evidence to ICC (the Guardian) Defence department reportedly unwilling to share intelligence over fears precedent could be set against US soldiers fighting foreign wars
Senators call for ban on airlines flying to the US using Russian airspace (The Loadstar) Asian and Gulf airlines face longer routes to the US after senators urged government to ban carriers that fly through Russian airspace
EU Court Strikes Down Sanctions on Wagner Founder’s Mother (Wall Street Journal) The ruling is the first legal blow to the bloc’s sanctions against Russia and a decision that could set a precedent for other listings.
Attacks, Threats, and Vulnerabilities
Darktrace warns of rise in AI-enhanced scams since ChatGPT release (the Guardian) Cybersecurity firm notes emergence of sophisticated email scams featuring improved linguistic complexity
COBALT ILLUSION Masquerades as Atlantic Council Employee (Secureworks) The phishing campaign targets researchers who document the suppression of women and minority groups in Iran.
CorePlague: Severe Vulnerabilities in Jenkins Server Lead to RCE (Aqua Security) Aqua Research revealed a chain of vulnerabilities CVE-2023-27898, CVE-2023-27905 in Jenkins Server & Update Center which could lead to a complete compromise
BitSight identifies thousands of global organizations using insecure webcams and other IoT devices, finding many susceptible to eavesdropping (BitSight) Use of exposed devices gives attackers the ability to listen in on private conversations and view potentially sensitive video feeds in real time
Old Cyber Gang Uses New Crypter – ScrubCrypt (Fortinet Blog) FortiGuard Labs elaborates on the details of ScrubCrypt malware that obfuscates and encrypts applications and makes them able to dodge security programs.
A border-hopping PlugX USB worm takes its act on the road (Sophos News) Borne aloft by DLL sideloading, a far-flung infection touches ten time zones
Fresh Phish: Ring Customers Find Themselves at the Front Door of a Data Harvesting Scheme (INKY) Beware Ring Video Doorbell users. Cybercriminals impersonating Ring have devised a new phishing scheme aimed at stealing your credit card, SSN, and other valuable data. Get the specifics and see the phish INKY reeled in.
Major data breach exposes personal information of ‘hundreds’ of lawmakers and staff (Washington Examiner) A major data breach of DC Health Link has exposed the personal information of lawmakers and staff in both chambers, congressional officials informed members on Wednesday.
House members, staff personal data compromised in health insurer breach (POLITICO) McCarthy and Jeffries sent out an email, obtained by POLITICO, describing an “egregious security breach within DC Health Link’s insurance marketplace.”
Hundreds of US lawmakers and staff affected by data breach (CNN Politics) Hundreds of US House members and staff had their personally identifiable information stolen in a breach of a DC health care insurance service, the House chief administrative officer told lawmakers Wednesday in a letter obtained by CNN.
BEC 3.0 - Legitimate Sites for Illegitimate Purposes (Avanan) BEC 3.0 is here.
BlackMamba: Using AI to Generate Polymorphic Malware (HYAS) HYAS Labs introduces new malware proof of concept BlackMamba, a keylogger using AI to generate polymorphic code that changes at runtime to avoid detection.
'Sys01 Stealer' Malware Targeting Government Employees (SecurityWeek) The Sys01 Stealer has been observed targeting the Facebook accounts of critical government infrastructure employees.
Cyber attack hits engineering giant with contracts for military bases, power plants (CTVNews) A Canadian engineering giant whose work involves critical military, power and transportation infrastructure across the country has been hit with a ransomware attack.
What were the Iranians looking for in the Technion's computers? (7 Israel National News) The source of the cyber attack on the Technion was Iran. Why the Technion? What did the attackers want to achieve? An information security expert answers.
Oakland City Hall police data released online, including investigations and complaint details (CyberSecurity Connect) A non-profit whistleblower site has published 11.7GB worth of data from a recent ransomware attack on the Oakland City Council, in the US state of California.
Ransomware gang posts video of data stolen from Minneapolis schools (BleepingComputer) The Medusa ransomware gang is demanding a $1,000,000 ransom from the Minneapolis Public Schools (MPS) district to delete data allegedly stolen in a ransomware attack.
Ransomware group says it stole student data from Minneapolis Public Schools (The Record) The ransomware group behind an attack on Minneapolis Public Schools posted a public video allegedly showing screenshots of stolen data after the school district said it was using backups to recover from the incident.
City of Waynesboro targeted in cyber attack (NBC 29) Some personal information is floating around in cyberspace after a ransomware attack against the city of Waynesboro.
Emotet malware attacks return after three-month break (BleepingComputer) The Emotet malware operation is again spamming malicious emails as of Tuesday morning after a three-month break, rebuilding its network and infecting devices worldwide.
Malware Monthly - February 2023 (Sonatype) The February 2023 edition of Malware Monthly shares insights into copycat information stealers, malware linked to video game mods, and more.
The VulnCheck 2022 Exploited Vulnerability Report - Missing CISA KEV Catalog Entries (VulnCheck) A review of the vulnerabilities that should have been added to the CISA KEV Catalog in 2022, but weren't.
Vulnerability Summary for the Week of February 27, 2023 (Cybersecurity and Infrastructure Security Agency CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Veeam fixes bug that lets hackers breach backup infrastructure (BleepingComputer) Veeam urged customers to patch a high-severity Backup Service security vulnerability impacting its Backup & Replication software.
Trends
Lockbit Ransomware Dominant Even as Overall Attack Rates Fall (Security Boulevard) With victims from 23 countries, Lockbit continues to be the most prolific ransomware group in the early months of 2023, even as an 11% decrease in
2023 State of Cloud Native Security Report (Palo Alto Networks) The Cloud-Native Security Report 2023 explores current cloud security practices and challenges to identify cloud native security best practices. Survey results.
Specops Software 2023 Weak Password Report (Specops Software) Poor password practices are putting businesses at risk. Data breaches continue to be a threat to all types of organizations across the...
State of Secrets Sprawl Report Reveals 10M Secrets Occurrences Detected in 2022; Up 67% From 2021 (GlobeNewswire News Room) GitGuardian Report Highlights Need for Secure Software Development; Secrets Sprawl Expands Globally and Threatens the Software Supply Chain...
The State of Secrets Sprawl Report 2023 (GitGuardian) We have never detected as many secrets and secrets sprawl has been accelerating yearly since 2020.
New SailPoint Research Highlights Need for Stronger Identity Security in Financial Services (Business Wire) Identity-related breaches are growing in financial services: 93% of respondents report experiencing a breach within the past two years
Americans lost a record $8.8 billion to fraud in 2022 (Atlas VPN) While fraud cases are dropping, fraud losses are increasing. Consumers in the United States lost a record $8.8 billion to various scams in 2022.
Will Air Cargo's lax cybersecurity measures be its undoing? (STAT Times) In the last two years, the logistics and aviation industries have faced numerous cyberattacks that have brought their operations to a standstill for weeks and created huge losses. As the air ...
The Right Is Big Mad at Big Tech But Can't Quite Figure Out Why (Rolling Stone) CPAC showed how the MAGA movement still can’t decide whether its problem is too much Silicon Valley or not enough faves
The Popularity and Impact of the TV Series ‘Mr. Robot’ on Cybersecurity and Hacking Culture (Hack Ware News) “Mr. Robot” is a critically acclaimed television series that has gained immense popularity for its portrayal of cybersecurity and hacking culture. The show follows the story of Elliot Alderson, a cybersecurity engineer by day and a vigilante hacker by night, who gets drawn into a web of intrigue and conspiracy. One of the key strengths […]
Marketplace
ActiveFence Acquires Rewire as it Builds the Next Generation of AI for Trust & Safety (PR Newswire) ActiveFence, whose mission is to protect online platforms and their users from malicious behavior and harmful content, today announced that it...
Socure Secures $95 Million Credit Facility with J.P. Morgan, Silicon Valley Bank and KeyBanc Capital Markets (Business Wire) Socure, the leading provider of digital identity verification and fraud solutions, today announced it has entered into a $95 million, three-year credit facility with J.P. Morgan, Silicon Valley Bank, and KeyBanc Capital Markets.
OpenAI Rival Anthropic Raises Funding at $4.1 Billion Valuation (The Information) Spark Capital is leading a $300 million investment in artificial intelligence startup Anthropic, one of the primary startup challengers to OpenAI, at a pre-investment valuation of $4.1 billion, according to two people familiar with the matter. The deal follows a $400 million investment in the ...
With fresh capital raise, Dallas cybersecurity firm looks to help organizations combat attacks (Dallas Business Journal) CEO and Founder of HacWare Tiffany Ricks wants to help micro- and mid-sized organizations protect themselves from ransomware attacks.
Revelstoke Raises $20M in Series B Funding (FinSMEs) Revelstoke, a San Jose, CA-based provider of a Security Orchestration, Automation and Response (SOAR) platform, raised $20M in Series B funding
Broadcom is confident it will close its purchase of VMware. Investors? Not so much. (Silicon Valley Business Journal) If you ask Broadcom's CEO or various analysts, its planned purchase of VMware is nearly a sure thing. Investors, though, don't see it that way.
Thoma Bravo's Offer 'Insultingly Low,' Magnet Investor Says (Law360) California-based hedge fund manager Nellore Capital Management LLC on Wednesday sent a public letter to the shareholders of cybersecurity company Magnet Forensics, saying that they were "practically being robbed" by Thoma Bravo's proposed CA$1.8 billion ($1.34 billion) take-private purchase of the company and urging them to vote against the deal.
E-Sign on the Dotted Line: OneSpan Emerging as an M&A Target (Bank Info Security) Identity verification and e-signature firm OneSpan is working with investment bank Evercore on a sale process that could attract interest from other businesses and private equity firms, Reuters reported. This follows five publicly traded cyber vendors agreeing to go private since the start of 2022.
Fresh clouds for Darktrace as New York hedge fund claims concerns borne out (Evening Standard) Darktrace suffered another blow today after the New York-based investment business which earlier produced a short-seller report into the cybersecurity firm said its results failed to address its concerns.
Secured by Women: Why we’re celebrating brilliant women in cybersecurity (Lacework) Today, International Women’s Day, is a critical time to draw attention to the opportunities to bring visibility to more women in cybersecurity, but I’m proud to say Secured by Women will be an ongoing initiative that will extend far beyond Women’s History Month.
CISA and Women in CyberSecurity Strengthen Partnership to Bridge Gender Gap in Cyber and Tech (Cybersecurity and Infrastructure Security Agency) Today, in recognition of International Women’s Day, the Cybersecurity and Infrastructure Security Agency (CISA) is pleased to announce the signing of a Memorandum of Understanding (MOU) with Women in CyberSecurity (WiCyS) in order to work even closer together to bridge the gender gap in cybersecurity.
Bishop Fox's Women Behind the Writing (Bishop Fox) Get to know the technical editorial team at Bishop Fox and learn about the criticality of clear, continuous, and consistent communication with customers.
Israeli Startups Could Face ‘Frozen’ Funding Environment Amid Political Turmoil (Crunchbase News) Tech leaders are alarmed about Prime Minister Benjamin Netanyahu's proposed reforms, which have raised questions about the industry's future.
Tanium Sweeps 2023 Cybersecurity Excellence Awards (Business Wire) Industry leader recognized as winner in Best Cybersecurity Company, Most Innovative Cybersecurity Company, and Endpoint Security
Axis Named Most Innovative Cybersecurity Company at 2023 Cybersecurity Excellence Awards (PR Newswire) Axis announced today that it has won three gold awards at the 2023 Cybersecurity Excellence Awards. The company was recognized as the Most...
Conversant Group Hires Slate of Senior Leaders to Scale with Robust Customer Demand (PR Newswire) Conversant Group, an innovative provider of "Secure First" infrastructure and cybersecurity services, has hired four senior business leaders to...
Products, Services, and Solutions
Xcitium Launches Zero Dwell - Trusted Security Advisory Community (GlobeNewswire News Room) Today, Xcitium, the cybersecurity industry's leading provider of state-of-the-art endpoint...
ConductorOne Unveils Access Request Solution, Unifying the Access Control Experience for IT & Security Teams (PR Newswire) ConductorOne, Inc. announces their latest product, Access Requests, a first-of-its-kind solution that gives end users a simple way to request...
HUB Security Launches a Confidential Computing Cyber Solution for the Insurance Industry (Yahoo Entertainment) Partners with Zurich-Based Virtual I Technologies Insurtech Player for Introducing the Solution on a Global Basis
SecurityScorecard Partners with The International Legal Technology Association (ILTA) to Create a Cyber Resilient Legal Community (Business Wire) Security Ratings, Response and Resilience Company Provides 25,000 ILTA members with 360-degree view of cyber risk exposure
Slack boosts AI capabilities with new ChatGPT app (Computerworld) ChatGPT for Slack enhances the collaboration tool's search capabilities, summarizes conversations, and will help you craft responses to co-workers.
Palantir lands $99.6 mln deal with U.S. State Department (Reuters) Palantir Technologies Inc has won a contract to sell up to $99.6 million worth of software to the U.S. Department of State for monitoring the health of the diplomatic corps, the company told Reuters ahead of a Wednesday announcement.
Parsons Establishes Strategic Partnership with Microsoft, Accelerating the Digital Transformation of Global Infrastructure (GlobeNewswire News Room) Parsons Corporation (NYSE: PSN) announced today a new global strategic partnership with Microsoft to...
Wiz enhances its industry leading data security solution with broader cloud data coverage and customizable platform capabilities (Wiz Blog) Wiz for DSPM, now generally available, helps customers reduce the time it takes to discover and fix cloud data exposure before it becomes a costly breach
Acalvio and Carahsoft Partner to Deliver Advanced Cyber Deception Technology to the Public Sector (Business Wire) Acalvio Technologies, the leader in cyber deception, and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, today announced a partnership.
Sophos Endpoint Security Advancements Improve Cyberthreat Defenses and Streamline Management (GlobeNewswire News Room) Introduces Adaptive Active Adversary Protection, Linux Malware Protection Enhancements, Account Health Check Capabilities, Integrated ZTNA Agent, and More...
Axonius Adds SaaS Management Actions and Automations to Help Organizations Mitigate Risk and Optimize Spend (GlobeNewswire News Room) New capabilities designed to help organizations better control their SaaS security posture by providing greater visibility into SaaS applications in use...
News: DNSFilter Integrates with Banyan Security to Bring Internet Threat Protection to Zero Trust Access (DNSFilter) Best-of-breed partnership combines world’s fastest DNS resolver with industry-leading remote access platform.
NordLocker is no longer in “beta”: A confident move to serverless architecture (GlobeNewswire News Room) NordLocker, an encrypted cloud storage provider, announced that after several years of intense development, it...
ThreatBlockr Announces Partnership with Engaged Security Partners (Business Wire) This strategic partnership highlights the importance of breach prevention and creating a proactive security culture
Design and Innovation
Meta's large language model LLaMA leaks online (Computing) A torrent of the system was uploaded on 4chan earlier this month and has since been shared across multiple AI communities
Opinion | Noam Chomsky: The False Promise of ChatGPT (New York Times) The most prominent strain of A.I. encodes a flawed conception of language and knowledge.
Legislation, Policy, and Regulation
Belgium, Slovenia join Lithuanian-coordinated EU cyber force (Baltic Times) VILNIUS - Belgium and Slovenia on Wednesday signed a diplomatic note and officially joined the Lithuania-coordinated cyber rapid response force,...
China Faces More Limits on Chip-Export Gear From Netherlands (Bloomberg) Dutch to require licenses for exports of some DUV lithography. ASML says new rules won’t affect its financial outlook.
U.K. Privacy Bill Aims to Reduce the Burden on Business (Wall Street Journal) The U.K. government proposed a data-protection law that it said will save companies from unnecessary compliance paperwork and boost the economy by more than $5 billion over the next decade.
Signal would 'walk' from UK if Online Safety Bill undermined encryption (BBC News) Bosses of the messaging app fear the Online Safety Bill could force it to weaken its users' security.
Cyber Command, NSA Successes Point Way to Future (U.S. Department of Defense) U.S. Cyber Command and the National Security Agency are always on wartime footing as they work to defend the homeland from cyber attacks, Army Gen. Paul Nakasone told the Senate Armed Services
HPH Sector Cybersecurity Framework Implementation Guide Version 2 (U.S. Department of Health and Human Services) Today's climate of increasingly sophisticated cyberattacks exploit fragmented hospital infrastructures, an often-unwieldy number of applications and legacy, and network-connected medical devices, which can negatively impact patient care, cripple business operations, expose sensitive health data, and negatively impact a company's reputation and market value.
Supporters of surveillance law must 'lean in' to transparency, Sen. Warner says (The Record by Recorded Future) U.S. intelligence officials and their allies on Capitol Hill have work to do with the public and skeptical lawmakers if Congress is going to renew Section 702 of the FISA law, Sen. Mark Warner says.
TSA issues new cybersecurity requirements for airport and aircraft operators (Transportation Security Administration) Today, the Transportation Security Administration (TSA) issued a new cybersecurity amendment on an emergency basis to the security programs of certain TSA-regulated airport and aircraft operators, following similar measures announced in
TSA Requires Aviation Sector to Enhance Cybersecurity Resilience (SecurityWeek) TSA instructs airport and aircraft operators to improve their cybersecurity resilience and prevent infrastructure disruption and degradation.
The TSA Wants Airports & Airlines To Boost Their Cybersecurity (Simple Flying) The emergency amendment bolsters digital security and resilience across the US aviation industry following an increase in cyberattacks.
TSA issues emergency cybersecurity orders for airports and aircraft operators (The Record) The Transportation Security Administration handed down new emergency cybersecurity protocols for airports and aircraft operators.
The US Military Needs to Create a Cyber Force (Bloomberg) Two disturbing incidents roiled the cyber seas last week, one foreign and one domestic. They both strengthen the case — which was already convincing, and which I have been making for almost a decade now — for the creation of a US Cyber Force.
Dickinson receives $31,500 cybersecurity grant for Zero Trust network program (Dickinson Press) Commissioners approve new cybersecurity program grant to proactively prevent ransomware attacks as 75% of state organizations face ransomware attacks.
NYC aims to diversify cybersecurity field with new internship program (The Record) A new internship program backed by the city government of New York is launching to diversify the cybersecurity talent pipeline.
Litigation, Investigation, and Law Enforcement
The FBI Just Admitted It Bought US Location Data (WIRED) Rather than obtaining a warrant, the bureau purchased sensitive data—a controversial practice that privacy advocates say is deeply problematic.
Will S.B.F. Cut a Deal? (Puck) A close reading of the latest developments and looming mysteries: Can S.B.F. flip on a politician? Is Ryan Salame the next FTX insider to plead guilty? What will happen to the parents, Barbara and Joe, and to the brother, G.B.F? And will the case even make it to trial?
Local YouTube star sentenced to 5½ years, ordered to forfeit $30M in large-scale cable piracy case (Philadelphia Inquirer) Bill Omar Carrasquillo amassed a $30 million fortune selling access to streaming cable TV content hijacked from set-top boxes at prices as low as $15 a month.